3 New Malicious Packages Found on PyPI

This page summarizes the projects mentioned and recommended in the original post on /r/Python
Package Repositories

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • fundable-packaging-improvements

    Packaging improvements that could be funded

    • PyPI is still very much a work in progress, and very community driven. This work takes time, but it seems like security is one of the top priorities of the PSF. I really want PyPI to support namespaces for packages so no malicious actors can squat on project names (like Github orgs). PSF has a fundables page where they are seeking funding to add features to the python packaging ecosystem.

  • warehouse

    The Python Package Index

    • The source code for PyPI is all up at https://github.com/pypa/warehouse and 100% in favor of community pull requests. We've got a few of the simpler issues triaged under https://github.com/pypa/warehouse/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22 or you can jump on IRC or Discord to talk to the PyPA team.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • 16 years of CVE-2008-0166 – Debian OpenSSL Bug

    2 projects | news.ycombinator.com | 12 May 2024

  • The ultimate guide to creating a secure Python package

    4 projects | dev.to | 8 May 2024

  • Create an AI prototyping environment using Jupyter Lab IDE with Typescript, LangChain.js and Ollama for rapid AI prototyping

    4 projects | dev.to | 2 May 2024

  • Smooth Packaging: Flowing from Source to PyPi with GitLab Pipelines

    8 projects | dev.to | 18 Jan 2024

  • Pickling Python in the Cloud via WebAssembly

    1 project | dev.to | 11 Jan 2024